From 56d695902c626c82bd51cc110725c76256d3adca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Reder?= Date: Mon, 5 Feb 2024 09:37:41 +0100 Subject: [PATCH 1/3] docs: fix command to trigger OS upgrade - when performing transactional-update from CLI another configuration is used and afterwards the file /var/run/reboot-needed is created, instead of /var/run/reboot-required and Kured does not work as expected - the upgrade has to be triggered using the systemd service instead --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 0d43e9ea..fc3f9045 100644 --- a/README.md +++ b/README.md @@ -250,7 +250,7 @@ kubectl delete plan k3s-server -n system-upgrade Also, note that after turning off node upgrades, you will need to manually upgrade the nodes when needed. You can do so by SSH'ing into each node and running the following commands (and don't forget to drain the node before with `kubectl drain `): ```sh -transactional-update +systemctl start transactional-update.service reboot ``` From 4a7765cad8fe2641995fc6156b2c8e222af362d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Reder?= Date: Mon, 5 Feb 2024 09:40:50 +0100 Subject: [PATCH 2/3] docs: better clarify how automatic updates are controlled - it's important to switch off auto upgrading completely in the kube.tf and not just by removing the node labels - otherwise the labels are created again on each agent restart or node reboot - the previous wording implied that the labels are only an alternative to switching off, but they are actually an alternative to switching on. --- README.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index fc3f9045..06c524f4 100644 --- a/README.md +++ b/README.md @@ -222,21 +222,25 @@ _If you wish to turn off automatic MicroOS upgrades (Important if you are not la automatically_upgrade_os = false ``` -_Alternatively ssh into each node and issue the following command:_ +Alternatively ssh into each node and issue the following command: ```sh systemctl --now disable transactional-update.timer ``` -_If you wish to turn off automatic k3s upgrades, you need to set:_ +If you wish to turn off automatic k3s upgrades, you need to set: ```terraform automatically_upgrade_k3s = false ``` -_Alternatively, you can either remove the `k3s_upgrade=true` label or set it to `false`. This needs to happen for all the nodes too! To remove the node label completely, apply `-` at the end of the label: +_Once disabled this way you selectively can enable the upgrade by setting the node label `k3s_update=true` and later disable it by removing the label or set it to `false` again._ ```sh +# Enable upgrade for a node (use --all for all nodes) +kubectl label --overwrite node k3s_upgrade=true + +# Later disable upgrade by removing the label (use --all for all nodes) kubectl label node k3s_upgrade- ``` From efc7f73184034b8b9f75f1b54b3a66434568df78 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Reder?= Date: Mon, 5 Feb 2024 09:46:48 +0100 Subject: [PATCH 3/3] fix: Kured default options for sentinel path - path has to point to the host's /var/run mountpoint in the container --- locals.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/locals.tf b/locals.tf index 06b16795..5f63160a 100644 --- a/locals.tf +++ b/locals.tf @@ -621,6 +621,7 @@ installCRDs: true "pre-reboot-node-labels" : "kured=rebooting", "post-reboot-node-labels" : "kured=done", "period" : "5m", + "reboot-sentinel" : "/sentinel/reboot-required" }, var.kured_options) k3s_registries_update_script = <